Start Free
10.6 | Analyzing source code | Pull request analysis | Setting up the pull request analysis

Was this page helpful?

Setting up the pull request analysis

On this page

Pull request analysis is available starting in Developer Edition.

To set up the pull request analysis:

  1. Add the SonarQube analysis step to your pull request CI pipeline. See the corresponding section of your CI tool in this documentation:
  2. Perform the following setups specific to the pull request:
    • Make sure that the pull request source branch is properly checked out in the CI repository: see Verifying the code checkout step.  
    • Make sure that the SonarScanner gets the pull request parameters required for the project analysis: see Setting up the pull request parameters below.
  3. In addition, you can configure the pull request decoration: see Configuring the quality gate status report below.

Setting up the pull request parameters

The SonarScanner can automatically detect the pull request parameters when running on the following CI services (you don’t need to perform any additional setup):

  • Azure Pipelines
  • Bitbucket Pipelines
  • Cirrus CI
  • Codemagic
  • GitHub Actions
  • GitLab CI/CD
  • Jenkins (with the Branch Source plugin configured)

The table below lists the analysis parameters specific to the pull request analysis that are required by the SonarScanner. See Analysis parameters for information about the setup of analysis parameters for the scanner.

Parameter NameDescription
sonar.pullrequest.key

Unique identifier of your pull request. Must correspond to the key of the pull request in your DevOps Platform.

Example: sonar.pullrequest.key=5

sonar.pullrequest.branch

The name of the branch that contains the changes to be merged.

Example: sonar.pullrequest.branch=feature/my-new-feature

sonar.pullrequest.base

The branch into which the pull request will be merged (target branch).

Default: main branch

Example: sonar.pullrequest.base=main

Configuring the quality gate status report

You can report the pull request analysis and quality gate status directly in your DevOps platform's interface (pull request decoration). For projects bound in SonarQube to their DevOps platform repository (this requires the integration setup of your DevOps platform with SonarQube), the quality gate status report is automatically set up. For more information, see the DevOps platform integration page that corresponds with your DevOps platform:

© 2008-2024 SonarSource SA. All rights reserved. SONAR, SONARSOURCE, SONARLINT, SONARQUBE, SONARCLOUD, and CLEAN AS YOU CODE are trademarks of SonarSource SA.

Creative Commons License